Target Labs, Inc
SECURITY COMPLIANCE ENGINEER
Target Labs, Inc, Scottsdale, Arizona, us, 85261
The engineer will be responsible for the following:Understand contractual requirements with assigned customers.Deliver customer security solutions.Understand, communicate and administer established IT security policy.Assist solution design teams on technical specific security requirements.Contribute on a proactive basis to trend analysis and policy development.Review and approve change management and new customer requests from a security and risk management perspective.Second Level support for security related end user problems.Perform security trend and technology related research as necessary.Implement vulnerability, detection and protection security systems.Implement security audit gaps results into the build and implementation project phase.Define and realize plans concerning technical content and innovation in such way that will contribute adequately to the realization of Security Management.Assist in internal and external security audits.Review and when needed improve the Security Management process.Qualifications:Position Requirements:
No clearance required.Desired Education:
Bachelor's Degree preferred.Desired Experience:3-5 years of experience working in systems engineering on a specific OS (AIX, Linux or Microsoft Windows) or storage infrastructure.3-5 years of experience in Information Security with a focus of Security Management.Experience implementing patch management initiated Vulnerability Scans, IT Risk Assessment and Firewall/Server/Network devices baseline reviews.Expertise in Implementation of Security Needs: Audits, planning, design, implementation, testing, and management.Strong understanding for various IT security standards and practical experience implementing it within the IT framework of an organization.Strong understanding and practical experience of multiple compliance framework like ISO 27001, SAS70, COBIT, ITIL, SOX or PCI.Excellent knowledge in access management/controls and have working experience in implementing it by applying a model and/or using a tool or system.Competent in security strategies and technologies including operating systems security, secure network, web and database services, penetration testing, access control, system monitoring and cryptography.Experienced at implementing or managing risk management/methodology, processes and tools.Ability to evaluate enterprise-wide impacts and make recommendations to approach issues and mitigate potential risks to an acceptable level.Experienced with solving complex technical security issues through design of security controls within a development lifecycle, provide recommendations to operational processes in service delivery, etc.Experienced in handling challenging security incidents and participation in audit demands, communicate with internal & external customers management.Extremely process and detail oriented.Strong written and verbal communication skills.Desired Certifications:Relevant security certifications are desirable but not mandatory, such as CISSP, CISM or CISA.
#J-18808-Ljbffr
No clearance required.Desired Education:
Bachelor's Degree preferred.Desired Experience:3-5 years of experience working in systems engineering on a specific OS (AIX, Linux or Microsoft Windows) or storage infrastructure.3-5 years of experience in Information Security with a focus of Security Management.Experience implementing patch management initiated Vulnerability Scans, IT Risk Assessment and Firewall/Server/Network devices baseline reviews.Expertise in Implementation of Security Needs: Audits, planning, design, implementation, testing, and management.Strong understanding for various IT security standards and practical experience implementing it within the IT framework of an organization.Strong understanding and practical experience of multiple compliance framework like ISO 27001, SAS70, COBIT, ITIL, SOX or PCI.Excellent knowledge in access management/controls and have working experience in implementing it by applying a model and/or using a tool or system.Competent in security strategies and technologies including operating systems security, secure network, web and database services, penetration testing, access control, system monitoring and cryptography.Experienced at implementing or managing risk management/methodology, processes and tools.Ability to evaluate enterprise-wide impacts and make recommendations to approach issues and mitigate potential risks to an acceptable level.Experienced with solving complex technical security issues through design of security controls within a development lifecycle, provide recommendations to operational processes in service delivery, etc.Experienced in handling challenging security incidents and participation in audit demands, communicate with internal & external customers management.Extremely process and detail oriented.Strong written and verbal communication skills.Desired Certifications:Relevant security certifications are desirable but not mandatory, such as CISSP, CISM or CISA.
#J-18808-Ljbffr